IT Modernization and DevOps News Week in Review

By Flux7 Labs

March 11, 2019

RSA took place last week and as a result, cloud security is in the news. According to the 6th annual DevSecOps Community Survey by Sonatype, CloudBees, Carnegie Mellon’s Software Engineering Institute and several other partners, corporate application security initiatives are only gradually gaining traction. For example, they find that only 54% of responding organizations have cybersecurity incident response plans in place, a figure that held steady from last year. And, 26% reported that they have no protections for confidential information like passwords and API keys. Notably, security tools are still not well integrated with the DevOps pipeline. Only 11% report a fully integrated and automated security.

Yet, DevOps is decidedly on the rise with 95% of respondents saying their organizations use advanced development processes, Agile, DevOps and/or continuous integration/continuous delivery (CI/CD). Deployments are also increasing in frequency with 9% deploying with every change and 65% deploying at least once per week.

Sysdig announced additions to its Cloud-Native Intelligence Platform, namely support for new frameworks and guided remediation for compliance, new compliance dashboards, new Kubernetes audit dashboards, and SIEM enrichment capabilities.

Firemon announced at RSA Lumeta CloudVisibility, proven cloud visibility, security and anomaly detection for hybrid enterprises. With this release, FireMon introduces real-time infrastructure visibility, change monitoring and leak-path detection for enterprises in any phase of their cloud migration, regardless of cloud platform, for physical, virtual, software-defined, on-premise and hybrid environments.

CyberArk launched CyberArk Privileged Access Security Solution v10.8. The company claims it is the first-of-its-kind to automate detection, alerting and response for unmanaged and potentially-risky AWS accounts. The new version also features Just-in-Time capabilities that deliver flexible user access to cloud-based or on-prem Windows systems.

AWS News

New this week is the availability of a pre-upgrade assistant that simplifies the migration process from Amazon Linux AMIto Amazon Linux 2. Operators can run the pre-upgrade assistant on instances running Amazon Linux to check for incompatibilities in packages, libraries, services, and more and the assistant produces a report outlining potential incompatibilities, with suggested mitigations. The pre-upgrade assistant module for Amazon Linux AMI is available on GitHubunder the Apache 2.0 open-source license.

Also announced this week is the ability to automate releases to the AWS Serverless Application Repository using AWS CodePipeline. AWS reports that operators can now publish applications to the AWS Serverless Application Repository using continuous delivery pipelines supported by AWS CodePipeline, making it no longer necessary to write any code to publish updates to applications in the Serverless Application Repository.

Amazon has announced that operators can now use AWS Systems Manager to manage large hybrid environments with over 1,000 instances through a new advanced on-premises instance management tier. According to the announcement, the tier also enables advanced functionality, such as using interactive shell access with Systems Manager Session Manager to connect to on-premises instances, thus removing the need to open inbound ports, manage SSH keys, or use bastion hosts.